[dev] Re: Patch for creator permissions in horde and kronolith
Jason Rust
jrust at rustyparts.com
Tue May 13 15:52:59 PDT 2003
> The attached patch implements what I have dubbed "creator permissions"
> in horde and kronolith. In horde it adds the functionality of being able to
> specify that the creator of an event or item can edit, delete, read,
> etc. their event. I then implemented the features of this new
> permission into kronolith by storing the user id of the person who
> creates an event and passing that information to the hasPermission()
> function. Other applications who don't want to take advantage of this
> feature would not be affected since it is an optional argument that is
> ignored if not passed in.
Attached is version 2 of the creator permissions. Some bugs were found
with the first patch and in addition I implemented a feature to show
the name of the owner of an event in the view page.
-Jason
-------------- next part --------------
Index: admin/perms.php
===================================================================
RCS file: /repository/horde/admin/perms.php,v
retrieving revision 1.21
diff -u -r1.21 perms.php
--- admin/perms.php 12 Nov 2002 20:21:24 -0000 1.21
+++ admin/perms.php 13 May 2003 21:24:58 -0000
@@ -168,6 +168,34 @@
}
}
+ // Process creator permissions.
+ if (Horde::getFormData('creator_deny')) {
+ $permission->removeCreatorPermission(_PERMS_SHOW | _PERMS_READ | _PERMS_EDIT | _PERMS_DELETE, false);
+ $permission->addCreatorPermission(_PERMS_NONE, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_NONE, false);
+ if (Horde::getFormData('creator_show')) {
+ $permission->addCreatorPermission(_PERMS_SHOW, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_SHOW, false);
+ }
+ if (Horde::getFormData('creator_read')) {
+ $permission->addCreatorPermission(_PERMS_READ, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_READ, false);
+ }
+ if (Horde::getFormData('creator_edit')) {
+ $permission->addCreatorPermission(_PERMS_EDIT, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_EDIT, false);
+ }
+ if (Horde::getFormData('creator_delete')) {
+ $permission->addCreatorPermission(_PERMS_DELETE, false);
+ } else {
+ $permission->removeCreatorPermission(_PERMS_DELETE, false);
+ }
+ }
+
// Process user permissions.
$u_names = Horde::getFormData('u_names');
$u_deny = Horde::getFormData('u_deny');
Index: kronolith/addeventaction.php
===================================================================
RCS file: /repository/kronolith/addeventaction.php,v
retrieving revision 1.36
diff -u -r1.36 addeventaction.php
--- kronolith/addeventaction.php 8 May 2003 13:31:18 -0000 1.36
+++ kronolith/addeventaction.php 13 May 2003 21:24:58 -0000
@@ -14,13 +14,13 @@
if (!Horde::getFormData('cancel')) {
$calendar_id = Horde::getFormData('targetcalendar', $prefs->getValue('default_share'));
$share = &$shares->getShare($calendar_id);
+ $calendar->open($calendar_id);
+ $event = $calendar->getEventObject();
if (is_a($share, 'PEAR_Error')) {
$notification->push(sprintf(_("There was an error accessing the calendar: %s"), $share->getMessage()), 'horde.error');
- } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+ } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
$notification->push(sprintf(_("You do not have permission to add events to %s."), $share->getShareName()), 'horde.warning');
} else {
- $calendar->open($calendar_id);
- $event = $calendar->getEventObject();
$event->readForm();
$event->save();
}
Index: kronolith/deleventaction.php
===================================================================
RCS file: /repository/kronolith/deleventaction.php,v
retrieving revision 1.7
diff -u -r1.7 deleventaction.php
--- kronolith/deleventaction.php 17 Apr 2003 16:34:44 -0000 1.7
+++ kronolith/deleventaction.php 13 May 2003 21:24:58 -0000
@@ -23,7 +23,7 @@
exit;
}
$share = &$shares->getShare($event->getCalendar());
- if (!$share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+ if (!$share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $event->getCreatorID())) {
$notification->push(_("You do not have permission to delete this event."), 'horde.warning');
} else {
if ($event->hasRecurType(KRONOLITH_RECUR_NONE) || Horde::getFormData('all')) {
Index: kronolith/editevent.php
===================================================================
RCS file: /repository/kronolith/editevent.php,v
retrieving revision 1.36
diff -u -r1.36 editevent.php
--- kronolith/editevent.php 6 Jan 2003 23:20:21 -0000 1.36
+++ kronolith/editevent.php 13 May 2003 21:24:58 -0000
@@ -40,13 +40,13 @@
$buttons = array();
$share = &$GLOBALS['shares']->getShare(Horde::getFormData('calendar'));
-if (Horde::getFormData('calendar') == '**remote' || !$share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+if (Horde::getFormData('calendar') == '**remote' || !$share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
$buttons[] = '<input type="submit" class="button" name="saveAsNew" value="' . _("Save As New") . '" onclick="return checkCategory();" />';
} else {
$buttons[] = '<input type="submit" class="button" name="save" value="' . _("Save Event") . '" onclick="return checkCategory();" />';
if ($event->isInitialized()) {
$buttons[] = '<input type="submit" class="button" name="saveAsNew" value="' . _("Save As New") . '" onclick="return checkCategory();" />';
- if ($share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+ if ($share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $event->getCreatorID())) {
$delurl = Horde::addParameter('delevent.php', 'eventID=' . $event->getID());
$delurl = Horde::addParameter($delurl, 'calendar=' . $event->getCalendar());
$delurl = Horde::addParameter($delurl, 'month=' . $month);
Index: kronolith/editeventaction.php
===================================================================
RCS file: /repository/kronolith/editeventaction.php,v
retrieving revision 1.43
diff -u -r1.43 editeventaction.php
--- kronolith/editeventaction.php 10 May 2003 00:46:12 -0000 1.43
+++ kronolith/editeventaction.php 13 May 2003 21:24:58 -0000
@@ -33,8 +33,6 @@
if (is_a($share, 'PEAR_Error')) {
$notification->push(sprintf(_("There was an error accessing the calendar: %s"), $share->getMessage()), 'horde.error');
- } elseif (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
- $notification->push(_("You do not have permission to edit this event."), 'horde.warning');
} else {
if (Horde::getFormData('saveAsNew')) {
$calendar->open($target);
@@ -61,8 +59,12 @@
$event = $calendar->getEventObject(Horde::getFormData('eventID'));
}
}
- $event->readForm();
- $event->save();
+ if (!$share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
+ $notification->push(_("You do not have permission to edit this event."), 'horde.warning');
+ } else {
+ $event->readForm();
+ $event->save();
+ }
}
}
}
Index: kronolith/lib/Event.php
===================================================================
RCS file: /repository/kronolith/lib/Event.php,v
retrieving revision 1.82
diff -u -r1.82 Event.php
--- kronolith/lib/Event.php 7 May 2003 15:14:12 -0000 1.82
+++ kronolith/lib/Event.php 13 May 2003 21:24:59 -0000
@@ -25,6 +25,12 @@
var $eventID = null;
/**
+ * The user id of the creator of the event
+ * @var string $creatorID
+ */
+ var $creatorID = null;
+
+ /**
* The title of this event,
* @var string $title
*/
@@ -198,6 +204,10 @@
*/
function fromHash($hash)
{
+ // see if it's a new event
+ if (is_null($this->getID())) {
+ $this->setCreatorID(Auth::getAuth());
+ }
if (!empty($hash['title'])) {
$this->setTitle($hash['title']);
}
@@ -410,6 +420,26 @@
}
/**
+ * Retrieve the id of the user who created the event
+ *
+ * @return string The creator id
+ */
+ function getCreatorID()
+ {
+ return $this->creatorID;
+ }
+
+ /**
+ * Set the id of the creator of the event
+ *
+ * @param string $creatorID The user id for who created the event
+ */
+ function setCreatorID($creatorID)
+ {
+ $this->creatorID = $creatorID;
+ }
+
+ /**
* Retrieve the globally unique identifier for this event.
*
* @return integer The globally identifier for this event.
@@ -435,7 +465,7 @@
}
$share = &$GLOBALS['shares']->getShare($this->getCalendar());
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ)) {
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ, $this->getCreatorID())) {
return !empty($this->title) ? $this->title : _("[none]");
} else {
global $prefs;
@@ -649,6 +679,11 @@
{
global $prefs;
+ // see if it's a new event
+ if (is_null($this->getID())) {
+ $this->setCreatorID(Auth::getAuth());
+ }
+
// Basic fields.
$this->setTitle(Horde::getFormData('title', $this->title));
$this->setDescription(Horde::getFormData('description', $this->description));
@@ -1039,7 +1074,7 @@
$share = &$GLOBALS['shares']->getShare($this->getCalendar());
$link = '';
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ)) {
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ, $this->getCreatorID())) {
if (isset($this->remoteCal)) {
$url = Horde::addParameter('viewevent.php', 'eventID=' . $this->eventIndex);
$url = Horde::addParameter($url, 'calendar=**remote');
@@ -1060,7 +1095,7 @@
$link .= @htmlspecialchars($this->getTitle(), ENT_QUOTES, NLS::getCharset());
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ) &&
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_READ, $this->getCreatorID()) &&
(isset($this->eventID) || isset($this->taskID) || isset($this->remoteCal))) {
$link .= '</a>';
}
@@ -1070,7 +1105,7 @@
$link .= Horde::img('alarm_small.gif', sprintf(_("%s Minutes before"), $this->alarm));
}
if (!$print_view) {
- if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+ if (!is_a($share, 'PEAR_Error') && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $this->getCreatorID())) {
if (isset($this->eventID)) {
$url = Horde::addParameter('delevent.php', 'eventID=' . $this->eventID);
$url = Horde::addParameter($url, 'calendar=' . $this->getCalendar());
Index: kronolith/lib/Driver/mcal.php
===================================================================
RCS file: /repository/kronolith/lib/Driver/mcal.php,v
retrieving revision 1.42
diff -u -r1.42 mcal.php
--- kronolith/lib/Driver/mcal.php 27 Feb 2003 17:45:37 -0000 1.42
+++ kronolith/lib/Driver/mcal.php 13 May 2003 21:24:59 -0000
@@ -140,6 +140,7 @@
mcal_event_set_title($driver->_stream, $this->getTitle());
mcal_event_set_description($driver->_stream, $this->getDescription());
mcal_event_set_category($driver->_stream, $this->getCategory());
+ mcal_event_add_attribute($driver->_stream, 'creator_id', $this->getCreatorID());
mcal_event_add_attribute($driver->_stream, 'location', $this->getLocation());
mcal_event_add_attribute($driver->_stream, 'keywords', implode(',', $this->getKeywords()));
mcal_event_add_attribute($driver->_stream, 'exceptions', implode(',', $this->getExceptions()));
@@ -220,6 +221,9 @@
}
if (isset($mcalEvent->description)) {
$this->description = $mcalEvent->description;
+ }
+ if (isset($mcalEvent->attrlist['creator_id'])) {
+ $this->creatorID = $mcalEvent->attrlist['creator_id'];
}
if (isset($mcalEvent->attrlist['location'])) {
$this->location = $mcalEvent->attrlist['location'];
Index: kronolith/lib/Driver/sql.php
===================================================================
RCS file: /repository/kronolith/lib/Driver/sql.php,v
retrieving revision 1.84
diff -u -r1.84 sql.php
--- kronolith/lib/Driver/sql.php 8 May 2003 20:49:08 -0000 1.84
+++ kronolith/lib/Driver/sql.php 13 May 2003 21:24:59 -0000
@@ -131,7 +131,7 @@
' event_keywords, event_title, event_category,' .
' event_recurtype, event_recurenddate, event_recurinterval,' .
' event_recurdays, event_start, event_end, event_alarm,' .
- ' event_modified, event_exceptions' .
+ ' event_modified, event_exceptions, event_creator_id' .
' FROM ' . $this->_params['table'] .
' WHERE event_id = ' . (int)$eventID .
' AND calendar_id = ' . $this->_db->quote($this->_calendar),
@@ -483,6 +483,7 @@
$this->title = String::convertCharset($SQLEvent['event_title'], $driver->_params['charset']);
$this->eventID = $SQLEvent['event_id'];
+ $this->creatorID = $SQLEvent['event_creator_id'];
$this->recurType = (int)$SQLEvent['event_recurtype'];
$this->recurInterval = (int)$SQLEvent['event_recurinterval'];
@@ -516,6 +517,7 @@
$driver = &$this->getDriver();
// Basic fields.
+ $this->_properties['event_creator_id'] = String::convertCharset($this->getCreatorID(), NLS::getCharset(), $driver->_params['charset']);
$this->_properties['event_title'] = String::convertCharset($this->getTitle(), NLS::getCharset(), $driver->_params['charset']);
$this->_properties['event_description'] = String::convertCharset($this->getDescription(), NLS::getCharset(), $driver->_params['charset']);
$this->_properties['event_category'] = $this->getCategory();
Index: kronolith/scripts/drivers/kronolith.sql
===================================================================
RCS file: /repository/kronolith/scripts/drivers/kronolith.sql,v
retrieving revision 1.10
diff -u -r1.10 kronolith.sql
--- kronolith/scripts/drivers/kronolith.sql 27 Feb 2003 17:34:23 -0000 1.10
+++ kronolith/scripts/drivers/kronolith.sql 13 May 2003 21:24:59 -0000
@@ -3,6 +3,7 @@
CREATE TABLE kronolith_events (
event_id BIGINT DEFAULT 0 NOT NULL,
calendar_id VARCHAR(255) NOT NULL,
+ event_creator_id VARCHAR(255) NOT NULL,
event_description TEXT,
event_location TEXT,
event_keywords TEXT,
Index: kronolith/scripts/drivers/kronolith.oracle.sql
===================================================================
RCS file: /repository/kronolith/scripts/drivers/kronolith.oracle.sql,v
retrieving revision 1.2
diff -u -r1.2 kronolith.oracle.sql
--- kronolith/scripts/drivers/kronolith.oracle.sql 31 Aug 2002 22:14:42 -0000 1.2
+++ kronolith/scripts/drivers/kronolith.oracle.sql 13 May 2003 21:24:59 -0000
@@ -3,6 +3,7 @@
CREATE TABLE kronolith_events (
event_id INT DEFAULT 0 NOT NULL,
calendar_id VARCHAR2(255) NOT NULL,
+ event_creator_id VARCHAR2(255) NOT NULL,
event_description VARCHAR2(4000),
event_location VARCHAR2(4000),
event_keywords VARCHAR2(4000),
Index: kronolith/scripts/drivers/kronolith.postgres.sql
===================================================================
RCS file: /repository/kronolith/scripts/drivers/kronolith.postgres.sql,v
retrieving revision 1.1
diff -u -r1.1 kronolith.postgres.sql
--- kronolith/scripts/drivers/kronolith.postgres.sql 21 Mar 2003 03:15:46 -0000 1.1
+++ kronolith/scripts/drivers/kronolith.postgres.sql 13 May 2003 21:24:59 -0000
@@ -3,6 +3,7 @@
CREATE TABLE kronolith_events (
event_id BIGINT DEFAULT 0 NOT NULL,
calendar_id VARCHAR(255) NOT NULL,
+ event_creator_id VARCHAR(255) NOT NULL,
event_description TEXT,
event_location TEXT,
event_keywords TEXT,
Index: lib/Perms.php
===================================================================
RCS file: /repository/horde/lib/Perms.php,v
retrieving revision 1.36
diff -u -r1.36 Perms.php
--- lib/Perms.php 19 Apr 2003 22:59:27 -0000 1.36
+++ lib/Perms.php 13 May 2003 21:25:00 -0000
@@ -194,11 +194,12 @@
* CategoryObject_Permission object.
* @param string $user (optional) The user to check for.
* Defaults to Auth::getAuth().
+ * @param string $creator (optional) The user who created the event.
*
* @return integer Any permissions the user has, _PERMS_NONE if there
* are none.
*/
- function getPermissions($permission, $user = null)
+ function getPermissions($permission, $user = null, $creator = null)
{
if (!is_a($permission, 'CategoryObject_Permission')) {
$permission = &$this->getPermission($permission);
@@ -245,6 +246,20 @@
return $perms;
}
+ // if there is no creator, then assume the current
+ // user will be the creator (likely it's an add)
+ if (empty($creator)) {
+ $creator = Auth::getAuth();
+ }
+
+ // if the user is the creator of the event see if
+ // there are creator permissions
+ if (!empty($user) && $user == $creator &&
+ ($perms = $permission->getCreatorPermissions()) !== null) {
+ return $perms;
+ }
+
+
// If there are default permissions, return them.
if (($perms = $permission->getDefaultPermissions()) !== null) {
return $perms;
@@ -272,13 +287,14 @@
* @param string $permission The permission to check.
* @param string $user The user to check for.
* @param int $perm The permission level that needs to be checked for.
+ * @param string $creator (optional) The creator of the event
*
* @return boolean True if the user has the specified permissions, and
* false otherwise.
*/
- function hasPermission($permission, $user, $perm)
+ function hasPermission($permission, $user, $perm, $creator = null)
{
- return ($this->getPermissions($permission, $user) & $perm);
+ return ($this->getPermissions($permission, $user, $creator) & $perm);
}
/**
@@ -403,6 +419,25 @@
}
/**
+ * Grant creators additional permissions to this object.
+ *
+ * @param constant $permisson The permission (_PERMS_DELE, etc.) to add.
+ * @param boolean $update (optional) Whether to automatically update the
+ * backend. Defaults to true.
+ */
+ function addCreatorPermission($permission, $update = true)
+ {
+ if (isset($this->data['creator'])) {
+ $this->data['creator'] |= $permission;
+ } else {
+ $this->data['creator'] = $permission;
+ }
+ if ($update) {
+ $this->_permsOb->updatePermission($this);
+ }
+ }
+
+ /**
* Grant additional default permissions to this object.
*
* @param constant $permisson The permission (_PERMS_DELE, etc.) to add.
@@ -486,6 +521,23 @@
}
/**
+ * Remove a permission that creators currently have on this object.
+ *
+ * @param constant $permisson The permission (_PERMS_DELE, etc.) to remove.
+ * @param boolean $update (optional) Whether to automatically update the
+ * backend. Defaults to true.
+ */
+ function removeCreatorPermission($permission, $update = true)
+ {
+ if (isset($this->data['creator'])) {
+ $this->data['creator'] &= ~$permission;
+ if ($update) {
+ $this->_permsOb->updatePermission($this);
+ }
+ }
+ }
+
+ /**
* Remove a default permission on this object.
*
* @param constant $permisson The permission (_PERMS_DELE, etc.) to remove.
@@ -555,6 +607,18 @@
{
return !empty($this->data['guest']) ?
$this->data['guest'] :
+ null;
+ }
+
+ /**
+ * Get the creator permissions on this object.
+ *
+ * @return integer The creator permissions on this object.
+ */
+ function getCreatorPermissions()
+ {
+ return !empty($this->data['creator']) ?
+ $this->data['creator'] :
null;
}
Index: lib/Share.php
===================================================================
RCS file: /repository/horde/lib/Share.php,v
retrieving revision 1.35
diff -u -r1.35 Share.php
--- lib/Share.php 26 Apr 2003 17:32:13 -0000 1.35
+++ lib/Share.php 13 May 2003 21:25:00 -0000
@@ -487,10 +487,11 @@
*
* @param string $userid The userid of the user
* @param constant $priv A _PERMS_* constant to test for
+ * @param string $creator (optional) The creator of the event
*
* @return boolean Whether or not $userid has $permission.
*/
- function hasPermission($userid, $permission)
+ function hasPermission($userid, $permission, $creator = null)
{
if ($userid == $this->getOwner()) {
return true;
@@ -500,7 +501,7 @@
return false;
}
- return $this->_perms->hasPermission($this->getPermission(), $userid, $permission);
+ return $this->_perms->hasPermission($this->getPermission(), $userid, $permission, $creator);
}
/**
Index: shares/edit.php
===================================================================
RCS file: /repository/horde/shares/edit.php,v
retrieving revision 1.7
diff -u -r1.7 edit.php
--- shares/edit.php 7 May 2003 17:45:33 -0000 1.7
+++ shares/edit.php 13 May 2003 21:25:00 -0000
@@ -148,6 +148,34 @@
}
}
+ // Process creator permissions.
+ if (Horde::getFormData('creator_deny')) {
+ $perm->removeCreatorPermission(_PERMS_SHOW | _PERMS_READ | _PERMS_EDIT | _PERMS_DELETE, false);
+ $perm->addCreatorPermission(_PERMS_NONE, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_NONE, false);
+ if (Horde::getFormData('creator_show')) {
+ $perm->addCreatorPermission(_PERMS_SHOW, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_SHOW, false);
+ }
+ if (Horde::getFormData('creator_read')) {
+ $perm->addCreatorPermission(_PERMS_READ, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_READ, false);
+ }
+ if (Horde::getFormData('creator_edit')) {
+ $perm->addCreatorPermission(_PERMS_EDIT, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_EDIT, false);
+ }
+ if (Horde::getFormData('creator_delete')) {
+ $perm->addCreatorPermission(_PERMS_DELETE, false);
+ } else {
+ $perm->removeCreatorPermission(_PERMS_DELETE, false);
+ }
+ }
+
// Process user permissions.
$u_names = Horde::getFormData('u_names');
$u_deny = Horde::getFormData('u_deny');
Index: templates/shares/edit.inc
===================================================================
RCS file: /repository/horde/templates/shares/edit.inc,v
retrieving revision 1.5
diff -u -r1.5 edit.inc
--- templates/shares/edit.inc 22 Apr 2003 15:57:51 -0000 1.5
+++ templates/shares/edit.inc 13 May 2003 21:25:00 -0000
@@ -106,6 +106,31 @@
<!-- Spacer -->
<tr><td> </td></tr>
+<!-- Event Creator Permissions -->
+<tr valign="middle">
+ <td class="header" align="left" width="25%">
+ <?php echo Horde::img('user.gif') . ' ' . _("Event Creator") ?>
+ </td>
+ <td class="header" align="center" width="1%"><?php echo _("Deny") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Show") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Read") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Edit") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Delete") ?></td>
+ <td class="header" align="right" width="70%"></td>
+</tr>
+<?php $cperm = $perm->getCreatorPermissions(); ?>
+<tr>
+ <td class="light"> </td>
+ <td align="center"><input type="checkbox" name="creator_deny"<?php echo ($cperm & _PERMS_NONE) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_show"<?php echo ($cperm & _PERMS_SHOW) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_read"<?php echo ($cperm & _PERMS_READ) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_edit"<?php echo ($cperm & _PERMS_EDIT) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_delete"<?php echo ($cperm & _PERMS_DELETE) ? ' checked="checked"' : '' ?> /></td>
+</tr>
+
+<!-- Spacer -->
+<tr><td> </td></tr>
+
<!-- User Permissions -->
<tr valign="middle">
<td class="header" align="left" width="25%">
Index: templates/admin/perms/edit.inc
===================================================================
RCS file: /repository/horde/templates/admin/perms/edit.inc,v
retrieving revision 1.10
diff -u -r1.10 edit.inc
--- templates/admin/perms/edit.inc 10 Feb 2003 16:00:51 -0000 1.10
+++ templates/admin/perms/edit.inc 13 May 2003 21:25:00 -0000
@@ -60,6 +60,31 @@
<!-- Spacer -->
<tr><td> </td></tr>
+<!-- Event Creator Permissions -->
+<tr valign="middle">
+ <td class="header" align="left" width="25%">
+ <?php echo Horde::img('user.gif') . ' ' . _("Event Creator") ?>
+ </td>
+ <td class="header" align="center" width="1%"><?php echo _("Deny") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Show") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Read") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Edit") ?></td>
+ <td class="header" align="center" width="1%"><?php echo _("Delete") ?></td>
+ <td class="header" align="right" width="70%"></td>
+</tr>
+<?php $perm = $permission->getCreatorPermissions(); ?>
+<tr>
+ <td class="light"> </td>
+ <td align="center"><input type="checkbox" name="creator_deny"<?php echo ($perm & _PERMS_NONE) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_show"<?php echo ($perm & _PERMS_SHOW) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_read"<?php echo ($perm & _PERMS_READ) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_edit"<?php echo ($perm & _PERMS_EDIT) ? ' checked="checked"' : '' ?> /></td>
+ <td align="center"><input type="checkbox" name="creator_delete"<?php echo ($perm & _PERMS_DELETE) ? ' checked="checked"' : '' ?> /></td>
+</tr>
+
+<!-- Spacer -->
+<tr><td> </td></tr>
+
<!-- User Permissions -->
<tr valign="middle">
<td class="header" align="left" width="25%">
Index: kronolith/viewevent.php
===================================================================
RCS file: /repository/kronolith/viewevent.php,v
retrieving revision 1.16
diff -u -r1.16 viewevent.php
--- kronolith/viewevent.php 17 Apr 2003 16:34:44 -0000 1.16
+++ kronolith/viewevent.php 13 May 2003 22:42:58 -0000
@@ -64,7 +64,8 @@
$mylinks = array();
$isRemote = Horde::getFormData('calendar') == '**remote';
-if (!$isRemote && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE)) {
+
+if (!$isRemote && $share->hasPermission(Auth::getAuth(), _PERMS_DELETE, $event->getCreatorID())) {
$delurl = Horde::addParameter('delevent.php', 'eventID', $event->getID());
$delurl = Horde::addParameter($delurl, 'calendar', $event->getCalendar());
$delurl = Horde::addParameter($delurl, 'timestamp', $timestamp);
@@ -72,7 +73,7 @@
$mylinks[] = Horde::link($delurl, sprintf(_("Delete '%s'"), $event->getTitle()), 'menuitem') . _("Delete") . '</a>';
}
-if ($isRemote || $share->hasPermission(Auth::getAuth(), _PERMS_EDIT)) {
+if ($isRemote || $share->hasPermission(Auth::getAuth(), _PERMS_EDIT, $event->getCreatorID())) {
$editurl = 'editevent.php';
if (Horde::getFormData('calendar') != '**remote') {
$editurl = Horde::addParameter($editurl, 'eventID', $event->getID());
@@ -99,6 +112,16 @@
$inviteurl = Horde::applicationUrl($inviteurl);
$mylinks[] = Horde::link($inviteurl, sprintf(_("Invite people to '%s'"), $event->getTitle()), 'menuitem') . _("Invite") . '</a>';
+}
+
+// Determine owner's name
+require_once HORDE_BASE . '/lib/Identity.php';
+$owner = $event->getCreatorID();
+$ident = &new Identity($owner);
+$ident->setDefault($ident->getDefault());
+$tmp_name = $ident->getValue('fullname');
+if (!empty($tmp_name)) {
+ $owner = $tmp_name;
}
require KRONOLITH_TEMPLATES . '/view/view.inc';
Index: kronolith/templates/view/view.inc
===================================================================
RCS file: /repository/kronolith/templates/view/view.inc,v
retrieving revision 1.20
diff -u -r1.20 view.inc
--- kronolith/templates/view/view.inc 28 Apr 2003 15:09:40 -0000 1.20
+++ kronolith/templates/view/view.inc 13 May 2003 22:42:58 -0000
@@ -30,6 +30,14 @@
<td align="left" class="text" colspan="3"><?php echo empty($location) ? ' ' : htmlspecialchars($location) ?> </td>
</tr>
+<?php if (!empty($owner)): ?>
+<!-- owner -->
+<tr>
+ <td align="right" class="light"><b><?php echo _("Owner") ?> </b></td>
+ <td align="left" class="text" colspan="3"><?php echo htmlspecialchars($owner) ?> </td>
+</tr>
+<?php endif; ?>
+
<!-- start date -->
<tr>
<td align="right" class="light"><b><?php echo _("Start On") ?> </b></td>
More information about the dev
mailing list